Last updated 3 weeks ago

Setting up your identity provider

Organizations can choose to set up their identity provider (IdP) for storing and authenticating the identities that their users use to log in to their systems and applications.

Redocly currently supports connecting only OpenID Connect (OIDC) identity providers for advanced functionality, including RBAC and API gateway proxy integrations.

Set up Org Settings

In this task, organization owners set up their OIDC details, including the config URL, Client ID and Client Secret key for their organization in Redocly Workflows.

  1. Log in to Redocly Workflows and select Org Settings.
  2. From the left, select Identity providers.
  3. Under OpenID Connect, enter the following information:

    • Configuration URL (.well-known) - The OpenID configuration URL for your identity provider. This is typically in the format https://{identity-provider-hostname}/.well-known/openid-configuration
    • Client ID - Unique ID to identify Redocly with your IdP authorization server.
    • Client Secret - Secret password that only Redocly and your IdP authorization server know.

    Note: Organization owners can find out these details from their identity provider. For more information, see the Identity providers and OIDC configuration section.

  4. Under Scopes, select email and profile. These are the scopes used during authentication to authorize access.
  5. Select Update OIDC Settings to save your changes.
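
Before saving the settings, it is worth confirming that the document served at the Configuration URL is consistent with what you are about to enter. The following is an added example, not Redocly code: a Python check over a discovery document you have already downloaded. The function name, the idp.example.com hostname and the sample documents are assumptions constructed for illustration, and token_endpoint is treated as required on the assumption that the authorization code flow is used.

```python
import json

WELL_KNOWN = "/.well-known/openid-configuration"
WANTED_SCOPES = {"email", "profile"}  # the scopes selected under Scopes
ENDPOINTS = ("authorization_endpoint", "token_endpoint", "jwks_uri")

def check_discovery(config_url, document):
    """Return a list of problems found in an OIDC discovery document."""
    problems = []
    if not config_url.startswith("https://"):
        problems.append("configuration URL is not https")
    if config_url.endswith(WELL_KNOWN):
        # The issuer must be the configuration URL without the .well-known suffix.
        expected = config_url[: -len(WELL_KNOWN)]
        issuer = str(document.get("issuer", ""))
        if issuer.rstrip("/") != expected:
            problems.append(f"issuer {issuer!r} does not match {expected!r}")
    else:
        problems.append("configuration URL does not end in " + WELL_KNOWN)
    for key in ENDPOINTS:
        value = str(document.get(key, ""))
        if not value:
            problems.append(f"{key} is missing")
        elif not value.startswith("https://"):
            problems.append(f"{key} is not https")
    # scopes_supported is optional, so only check it when the IdP publishes it.
    scopes = document.get("scopes_supported")
    if scopes is not None and WANTED_SCOPES - set(scopes):
        missing = sorted(WANTED_SCOPES - set(scopes))
        problems.append("scopes not advertised: " + ", ".join(missing))
    return problems

# Constructed sample documents for a hypothetical IdP at idp.example.com.
CONFIG_URL = "https://idp.example.com/.well-known/openid-configuration"
GOOD = json.loads("""{
  "issuer": "https://idp.example.com",
  "authorization_endpoint": "https://idp.example.com/authorize",
  "token_endpoint": "https://idp.example.com/token",
  "jwks_uri": "https://idp.example.com/keys",
  "scopes_supported": ["openid", "email", "profile"]
}""")
BAD = dict(GOOD, issuer="https://login.example.net",
           token_endpoint="http://idp.example.com/token",
           scopes_supported=["openid", "email"])

if __name__ == "__main__":
    for name, doc in (("good", GOOD), ("bad", BAD)):
        print(name, check_discovery(CONFIG_URL, doc) or "ok")
```

An issuer mismatch is the finding to take most seriously, because the issuer is the value that ID tokens from the IdP are expected to carry.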

Once you have configured your OIDC settings, you can set up access control to your:

  • Developer portal
  • Reference docs

Set up access control for your Developer portal

Using these instructions, you can set up access control to your Developer portal using the OIDC details. Organization owners can set up access control individually for as many portals as required.

  1. In Redocly Workflows, select Portals.
  2. Select the Portal for which you want to set up access control. The Portal Overview page is displayed.
  3. Select Settings to view the Portal settings.
  4. On the Settings page, from the left, select Access control.
  5. Under the Access control section:

    • Select Public and tick Allow login.
    • Select OIDC from the dropdown.
  6. Select Apply to save your settings.

You have now successfully set up access control for your Developer portal.

Set up access control for your Reference docs

Using these instructions, you can set up access control to your reference docs using the OIDC details. Organization owners can set up access control individually for as many reference docs as required.

  1. In Redocly Workflows, select Reference Docs.
  2. Select the Reference docs for which you want to set up access control. The Overview page is displayed.
  3. Select Settings to view the Reference docs settings.
  4. On the Settings page, from the left, select Access control.
  5. Under the Production section, select OIDC Members only.
  6. Select Apply to save your settings.

You have now successfully set up access control for your reference docs.

Identity providers and OIDC configuration

This list shows the configuration URLs and associated documentation for a few popular identity providers.

Google Cloud Platform (GCP)

Config URL: https://accounts.google.com/.well-known/openid-configuration

Docs: Google OIDC docs

Okta

Config URL: https://${yourOktaDomain}/.well-known/openid-configuration

Docs: Okta Developer docs

Auth0

Config URL: https://YOUR_AUTH0_DOMAIN/.well-known/openid-configuration

Docs: Auth0 documentation

AWS Cognito

Config URL: https://cognito-idp.{region}.amazonaws.com/{userPoolId}/.well-known/openid-configuration

Docs: AWS Cognito docs

Microsoft Active Directory

Config URL: https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration

Docs: Microsoft OIDC docs